<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<title>wwwApp: user.php Source File</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/search.js"></script>
<script type="text/javascript">
  $(document).ready(function() { searchBox.OnSelectItem(0); });
</script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
 <tbody>
 <tr style="height: 56px;">
  <td style="padding-left: 0.5em;">
   <div id="projectname">wwwApp
   </div>
   <div id="projectbrief">A web app for workshop organizing, recruitment and qualification</div>
  </td>
 </tr>
 </tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.1.1 -->
<script type="text/javascript">
var searchBox = new SearchBox("searchBox", "search",false,'Search');
</script>
  <div id="navrow1" class="tabs">
    <ul class="tablist">
      <li><a href="index.html"><span>Main&#160;Page</span></a></li>
      <li><a href="annotated.html"><span>Classes</span></a></li>
      <li class="current"><a href="files.html"><span>Files</span></a></li>
      <li>
        <div id="MSearchBox" class="MSearchBoxInactive">
        <span class="left">
          <img id="MSearchSelect" src="search/mag_sel.png"
               onmouseover="return searchBox.OnSearchSelectShow()"
               onmouseout="return searchBox.OnSearchSelectHide()"
               alt=""/>
          <input type="text" id="MSearchField" value="Search" accesskey="S"
               onfocus="searchBox.OnSearchFieldFocus(true)" 
               onblur="searchBox.OnSearchFieldFocus(false)" 
               onkeyup="searchBox.OnSearchFieldChange(event)"/>
          </span><span class="right">
            <a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
          </span>
        </div>
      </li>
    </ul>
  </div>
  <div id="navrow2" class="tabs2">
    <ul class="tablist">
      <li><a href="files.html"><span>File&#160;List</span></a></li>
      <li><a href="globals.html"><span>File&#160;Members</span></a></li>
    </ul>
  </div>
</div><!-- top -->
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
     onmouseover="return searchBox.OnSearchSelectShow()"
     onmouseout="return searchBox.OnSearchSelectHide()"
     onkeydown="return searchBox.OnSearchSelectKey(event)">
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark">&#160;</span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark">&#160;</span>Classes</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark">&#160;</span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark">&#160;</span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark">&#160;</span>Variables</a></div>

<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0" 
        name="MSearchResults" id="MSearchResults">
</iframe>
</div>

<div class="header">
  <div class="headertitle">
<div class="title">user.php</div>  </div>
</div><!--header-->
<div class="contents">
<a href="user_8php.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno">    1</span>&#160;&lt;?php</div>
<div class="line"><a name="l00002"></a><span class="lineno">    2</span>&#160;<span class="comment">/*</span></div>
<div class="line"><a name="l00003"></a><span class="lineno">    3</span>&#160;<span class="comment"> *      user.php handles user registration, sessions, passwords, rights.</span></div>
<div class="line"><a name="l00004"></a><span class="lineno">    4</span>&#160;<span class="comment"> *      Logged-in state is kept in $_SESSION[&#39;user_id&#39;].</span></div>
<div class="line"><a name="l00005"></a><span class="lineno">    5</span>&#160;<span class="comment"> *</span></div>
<div class="line"><a name="l00006"></a><span class="lineno">    6</span>&#160;<span class="comment"> *      Security warning:</span></div>
<div class="line"><a name="l00007"></a><span class="lineno">    7</span>&#160;<span class="comment"> *              If user has cookies disabled, session_id, thus access,</span></div>
<div class="line"><a name="l00008"></a><span class="lineno">    8</span>&#160;<span class="comment"> *              can be sniffed through REFERER_URI.</span></div>
<div class="line"><a name="l00009"></a><span class="lineno">    9</span>&#160;<span class="comment"> *              Listening to network traffic is in no way made harder.</span></div>
<div class="line"><a name="l00010"></a><span class="lineno">   10</span>&#160;<span class="comment"> */</span></div>
<div class="line"><a name="l00011"></a><span class="lineno">   11</span>&#160;</div>
<div class="line"><a name="l00012"></a><span class="lineno">   12</span>&#160;</div>
<div class="line"><a name="l00013"></a><span class="lineno"><a class="code" href="user_8php.html#a6f07393b86a9a9425b2dcb6994580e35">   13</a></span>&#160;define(<span class="stringliteral">&#39;USER_ROOT&#39;</span>, -1);</div>
<div class="line"><a name="l00014"></a><span class="lineno"><a class="code" href="user_8php.html#ab1f36bf07ea17cbae5b6c5a5a9508885">   14</a></span>&#160;define(<span class="stringliteral">&#39;USER_ANONYMOUS&#39;</span>, -2);</div>
<div class="line"><a name="l00015"></a><span class="lineno">   15</span>&#160;</div>
<div class="line"><a name="l00016"></a><span class="lineno">   16</span>&#160;require_once(<span class="stringliteral">&#39;user/profile.php&#39;</span>);</div>
<div class="line"><a name="l00017"></a><span class="lineno">   17</span>&#160;require_once(<span class="stringliteral">&#39;user/admin.php&#39;</span>);</div>
<div class="line"><a name="l00018"></a><span class="lineno">   18</span>&#160;require_once(<span class="stringliteral">&#39;user/utils.php&#39;</span>);</div>
<div class="line"><a name="l00019"></a><span class="lineno">   19</span>&#160;require_once(<span class="stringliteral">&#39;user/password.php&#39;</span>);</div>
<div class="line"><a name="l00020"></a><span class="lineno">   20</span>&#160;</div>
<div class="line"><a name="l00027"></a><span class="lineno"><a class="code" href="user_8php.html#a31cf42b9c7ff85d431c219e0c068075f">   27</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a31cf42b9c7ff85d431c219e0c068075f">initUser</a>()</div>
<div class="line"><a name="l00028"></a><span class="lineno">   28</span>&#160;{</div>
<div class="line"><a name="l00029"></a><span class="lineno">   29</span>&#160;        unset($GLOBALS[<span class="stringliteral">&#39;USER&#39;</span>]);</div>
<div class="line"><a name="l00030"></a><span class="lineno">   30</span>&#160;        global $USER, <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>;</div>
<div class="line"><a name="l00031"></a><span class="lineno">   31</span>&#160;        $uid = isset($_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>]) ? intval($_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>]) : <a class="code" href="user_8php.html#ab1f36bf07ea17cbae5b6c5a5a9508885">USER_ANONYMOUS</a>;</div>
<div class="line"><a name="l00032"></a><span class="lineno">   32</span>&#160;        $USER = <a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">getUser</a>($uid);</div>
<div class="line"><a name="l00033"></a><span class="lineno">   33</span>&#160;        <span class="keywordflow">if</span> (isset($_GET[<span class="stringliteral">&#39;impersonate&#39;</span>]))</div>
<div class="line"><a name="l00034"></a><span class="lineno">   34</span>&#160;        {</div>
<div class="line"><a name="l00035"></a><span class="lineno">   35</span>&#160;                <span class="keywordflow">if</span> (!<a class="code" href="user_2utils_8php.html#a1e9c8ed2c5ed2def1a367c9ffd04114b">userCan</a>(<span class="stringliteral">&#39;impersonate&#39;</span>))  <span class="keywordflow">throw</span> <span class="keyword">new</span> <a class="code" href="classPolicyException.html">PolicyException</a>();</div>
<div class="line"><a name="l00036"></a><span class="lineno">   36</span>&#160;                $USER = <a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">getUser</a>(intval($_GET[<span class="stringliteral">&#39;impersonate&#39;</span>]));</div>
<div class="line"><a name="l00037"></a><span class="lineno">   37</span>&#160;                $USER[<span class="stringliteral">&#39;impersonatedBy&#39;</span>] = $uid;</div>
<div class="line"><a name="l00038"></a><span class="lineno">   38</span>&#160;        }</div>
<div class="line"><a name="l00039"></a><span class="lineno">   39</span>&#160;}</div>
<div class="line"><a name="l00040"></a><span class="lineno">   40</span>&#160;</div>
<div class="line"><a name="l00044"></a><span class="lineno"><a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">   44</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">getUser</a>($uid)</div>
<div class="line"><a name="l00045"></a><span class="lineno">   45</span>&#160;{</div>
<div class="line"><a name="l00046"></a><span class="lineno">   46</span>&#160;        global <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>;</div>
<div class="line"><a name="l00047"></a><span class="lineno">   47</span>&#160;        <span class="keywordflow">if</span> ($uid == <a class="code" href="user_8php.html#ab1f36bf07ea17cbae5b6c5a5a9508885">USER_ANONYMOUS</a>)</div>
<div class="line"><a name="l00048"></a><span class="lineno">   48</span>&#160;                <span class="keywordflow">return</span> array(</div>
<div class="line"><a name="l00049"></a><span class="lineno">   49</span>&#160;                        <span class="stringliteral">&#39;uid&#39;</span> =&gt; <a class="code" href="user_8php.html#ab1f36bf07ea17cbae5b6c5a5a9508885">USER_ANONYMOUS</a>,</div>
<div class="line"><a name="l00050"></a><span class="lineno">   50</span>&#160;                        <span class="stringliteral">&#39;name&#39;</span> =&gt; _(<span class="stringliteral">&#39;Anonym&#39;</span>),</div>
<div class="line"><a name="l00051"></a><span class="lineno">   51</span>&#160;                        <span class="stringliteral">&#39;login&#39;</span> =&gt; <span class="stringliteral">&#39;anonymous&#39;</span>,</div>
<div class="line"><a name="l00052"></a><span class="lineno">   52</span>&#160;                        <span class="stringliteral">&#39;roles&#39;</span> =&gt; array(<span class="stringliteral">&#39;public&#39;</span>),</div>
<div class="line"><a name="l00053"></a><span class="lineno">   53</span>&#160;                        <span class="stringliteral">&#39;gender&#39;</span> =&gt; <span class="charliteral">&#39;m&#39;</span></div>
<div class="line"><a name="l00054"></a><span class="lineno">   54</span>&#160;                );</div>
<div class="line"><a name="l00055"></a><span class="lineno">   55</span>&#160;</div>
<div class="line"><a name="l00056"></a><span class="lineno">   56</span>&#160;        <span class="keywordflow">if</span> (!isset($DB-&gt;users[$uid]))</div>
<div class="line"><a name="l00057"></a><span class="lineno">   57</span>&#160;                <span class="keywordflow">throw</span> <span class="keyword">new</span> <a class="code" href="classKnownException.html">KnownException</a>(sprintf(_(<span class="stringliteral">&#39;User #%d doesn\&#39;t exist&#39;</span>), $uid));</div>
<div class="line"><a name="l00058"></a><span class="lineno">   58</span>&#160;</div>
<div class="line"><a name="l00059"></a><span class="lineno">   59</span>&#160;        $user = $DB-&gt;users[$uid]-&gt;assoc(<span class="stringliteral">&#39;uid,name,login,logged,gender,email&#39;</span>);</div>
<div class="line"><a name="l00060"></a><span class="lineno">   60</span>&#160;        $user[<span class="stringliteral">&#39;roles&#39;</span>] = <a class="code" href="user_2utils_8php.html#abfcbff4a35e363f8999bfa976125f491">getUserRoles</a>($uid);</div>
<div class="line"><a name="l00061"></a><span class="lineno">   61</span>&#160;        $user[<span class="stringliteral">&#39;roles&#39;</span>][] = <span class="stringliteral">&#39;registered&#39;</span>;</div>
<div class="line"><a name="l00062"></a><span class="lineno">   62</span>&#160;        $user[<span class="stringliteral">&#39;roles&#39;</span>][] = <span class="stringliteral">&#39;public&#39;</span>;</div>
<div class="line"><a name="l00063"></a><span class="lineno">   63</span>&#160;        <span class="keywordflow">return</span> $user;</div>
<div class="line"><a name="l00064"></a><span class="lineno">   64</span>&#160;}</div>
<div class="line"><a name="l00065"></a><span class="lineno">   65</span>&#160;</div>
<div class="line"><a name="l00069"></a><span class="lineno"><a class="code" href="user_8php.html#ad0002e8029508409bfbbf0cf7d9b3172">   69</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#ad0002e8029508409bfbbf0cf7d9b3172">actionLogout</a>()</div>
<div class="line"><a name="l00070"></a><span class="lineno">   70</span>&#160;{</div>
<div class="line"><a name="l00071"></a><span class="lineno">   71</span>&#160;        global <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>, $USER;</div>
<div class="line"><a name="l00072"></a><span class="lineno">   72</span>&#160;        unset($_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>]);</div>
<div class="line"><a name="l00073"></a><span class="lineno">   73</span>&#160;        $USER = <a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">getUser</a>(<a class="code" href="user_8php.html#ab1f36bf07ea17cbae5b6c5a5a9508885">USER_ANONYMOUS</a>);</div>
<div class="line"><a name="l00074"></a><span class="lineno">   74</span>&#160;        $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Logged out.&#39;</span>), <span class="stringliteral">&#39;success&#39;</span>);</div>
<div class="line"><a name="l00075"></a><span class="lineno">   75</span>&#160;}</div>
<div class="line"><a name="l00076"></a><span class="lineno">   76</span>&#160;</div>
<div class="line"><a name="l00081"></a><span class="lineno"><a class="code" href="user_8php.html#a30a72f87d5741ff2204f385920514239">   81</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a30a72f87d5741ff2204f385920514239">actionLogin</a>()</div>
<div class="line"><a name="l00082"></a><span class="lineno">   82</span>&#160;{</div>
<div class="line"><a name="l00083"></a><span class="lineno">   83</span>&#160;        global <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>, $USER;</div>
<div class="line"><a name="l00084"></a><span class="lineno">   84</span>&#160;        $result = $DB-&gt;query(</div>
<div class="line"><a name="l00085"></a><span class="lineno">   85</span>&#160;                <span class="stringliteral">&#39;SELECT uid,password FROM table_users</span></div>
<div class="line"><a name="l00086"></a><span class="lineno">   86</span>&#160;<span class="stringliteral">                 WHERE (login=$1 OR email=$1)&#39;</span>,</div>
<div class="line"><a name="l00087"></a><span class="lineno">   87</span>&#160;                $_POST[<span class="stringliteral">&#39;login&#39;</span>]</div>
<div class="line"><a name="l00088"></a><span class="lineno">   88</span>&#160;        );</div>
<div class="line"><a name="l00089"></a><span class="lineno">   89</span>&#160;        $uid = <span class="keyword">false</span>;</div>
<div class="line"><a name="l00090"></a><span class="lineno">   90</span>&#160;        <span class="keywordflow">if</span> (count($result))</div>
<div class="line"><a name="l00091"></a><span class="lineno">   91</span>&#160;        {</div>
<div class="line"><a name="l00092"></a><span class="lineno">   92</span>&#160;                $result = $result-&gt;fetch();</div>
<div class="line"><a name="l00093"></a><span class="lineno">   93</span>&#160;                $uid = intval($result[<span class="stringliteral">&#39;uid&#39;</span>]);</div>
<div class="line"><a name="l00094"></a><span class="lineno">   94</span>&#160;                $hash = $result[<span class="stringliteral">&#39;password&#39;</span>];</div>
<div class="line"><a name="l00095"></a><span class="lineno">   95</span>&#160;        }</div>
<div class="line"><a name="l00096"></a><span class="lineno">   96</span>&#160;        <span class="keywordflow">if</span> ($uid === <span class="keyword">false</span> || !<a class="code" href="password_8php.html#a704bd23035a2de307a0e3d9d8f43c992">validatePassword</a>($_POST[<span class="stringliteral">&#39;password&#39;</span>], $hash))</div>
<div class="line"><a name="l00097"></a><span class="lineno">   97</span>&#160;        {</div>
<div class="line"><a name="l00098"></a><span class="lineno">   98</span>&#160;                unset($_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>]);</div>
<div class="line"><a name="l00099"></a><span class="lineno">   99</span>&#160;                $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Wrong username/e-mail or password.&#39;</span>), <span class="stringliteral">&#39;userError&#39;</span>);</div>
<div class="line"><a name="l00100"></a><span class="lineno">  100</span>&#160;                <span class="keywordflow">return</span> <a class="code" href="index_8php.html#a6e8525da6dad002542958c13132118e4">callAction</a>(<span class="stringliteral">&#39;homepage&#39;</span>);</div>
<div class="line"><a name="l00101"></a><span class="lineno">  101</span>&#160;        }</div>
<div class="line"><a name="l00102"></a><span class="lineno">  102</span>&#160;        <span class="keywordflow">if</span> (<a class="code" href="password_8php.html#a6e23a46aba7ce503d2a7dde9f6fb8f19">passwordNeedsRehash</a>($hash))</div>
<div class="line"><a name="l00103"></a><span class="lineno">  103</span>&#160;                $DB-&gt;users[$uid]-&gt;update(array(<span class="stringliteral">&#39;password&#39;</span> =&gt; <a class="code" href="password_8php.html#a26fb1747283617276edce7e87b038e96">createPasswordHash</a>($_POST[<span class="stringliteral">&#39;password&#39;</span>])));</div>
<div class="line"><a name="l00104"></a><span class="lineno">  104</span>&#160;</div>
<div class="line"><a name="l00105"></a><span class="lineno">  105</span>&#160;        <span class="keywordflow">if</span> ($DB-&gt;users[$uid]-&gt;get(<span class="stringliteral">&#39;confirm&#39;</span>))</div>
<div class="line"><a name="l00106"></a><span class="lineno">  106</span>&#160;        {</div>
<div class="line"><a name="l00107"></a><span class="lineno">  107</span>&#160;                unset($_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>]);</div>
<div class="line"><a name="l00108"></a><span class="lineno">  108</span>&#160;                $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;This account hasn\&#39;t been confirmed yet. Check your mailbox.&#39;</span>), <span class="stringliteral">&#39;userError&#39;</span>);</div>
<div class="line"><a name="l00109"></a><span class="lineno">  109</span>&#160;                <span class="keywordflow">return</span> <a class="code" href="index_8php.html#a6e8525da6dad002542958c13132118e4">callAction</a>(<span class="stringliteral">&#39;homepage&#39;</span>);</div>
<div class="line"><a name="l00110"></a><span class="lineno">  110</span>&#160;        }</div>
<div class="line"><a name="l00111"></a><span class="lineno">  111</span>&#160;        $_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>] = $uid;</div>
<div class="line"><a name="l00112"></a><span class="lineno">  112</span>&#160;        $USER = <a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">getUser</a>($uid);</div>
<div class="line"><a name="l00113"></a><span class="lineno">  113</span>&#160;</div>
<div class="line"><a name="l00114"></a><span class="lineno">  114</span>&#160;        <a class="code" href="index_8php.html#a6e8525da6dad002542958c13132118e4">callAction</a>(<span class="stringliteral">&#39;homepage&#39;</span>);</div>
<div class="line"><a name="l00115"></a><span class="lineno">  115</span>&#160;        $USER[<span class="stringliteral">&#39;logged&#39;</span>] = time();</div>
<div class="line"><a name="l00116"></a><span class="lineno">  116</span>&#160;        $DB-&gt;users[$USER[<span class="stringliteral">&#39;uid&#39;</span>]]-&gt;update(array(<span class="stringliteral">&#39;logged&#39;</span> =&gt; $USER[<span class="stringliteral">&#39;logged&#39;</span>]));</div>
<div class="line"><a name="l00117"></a><span class="lineno">  117</span>&#160;        $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Successfully logged in.&#39;</span>), <span class="stringliteral">&#39;success&#39;</span>);</div>
<div class="line"><a name="l00118"></a><span class="lineno">  118</span>&#160;}</div>
<div class="line"><a name="l00119"></a><span class="lineno">  119</span>&#160;</div>
<div class="line"><a name="l00123"></a><span class="lineno"><a class="code" href="user_8php.html#ab517e12ac011673de34be485fedb1c90">  123</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#ab517e12ac011673de34be485fedb1c90">addLoginMenuBox</a>()</div>
<div class="line"><a name="l00124"></a><span class="lineno">  124</span>&#160;{</div>
<div class="line"><a name="l00125"></a><span class="lineno">  125</span>&#160;        global <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>;</div>
<div class="line"><a name="l00126"></a><span class="lineno">  126</span>&#160;        $template = <span class="keyword">new</span> <a class="code" href="classSimpleTemplate.html">SimpleTemplate</a>();</div>
<div class="line"><a name="l00127"></a><span class="lineno">  127</span>&#160;        ?&gt;</div>
<div class="line"><a name="l00128"></a><span class="lineno">  128</span>&#160;                &lt;div <span class="keyword">class</span>=<span class="stringliteral">&quot;menuBox&quot;</span> <span class="keywordtype">id</span>=<span class="stringliteral">&quot;loginBox&quot;</span>&gt;</div>
<div class="line"><a name="l00129"></a><span class="lineno">  129</span>&#160;                        &lt;form method=<span class="stringliteral">&quot;post&quot;</span> action=<span class="stringliteral">&quot;login&quot;</span>&gt;</div>
<div class="line"><a name="l00130"></a><span class="lineno">  130</span>&#160;                                        &lt;input <span class="keyword">class</span>=<span class="stringliteral">&quot;inputText&quot;</span> type=<span class="stringliteral">&quot;text&quot;</span> name=<span class="stringliteral">&quot;login&quot;</span>/&gt;&lt;br/&gt;</div>
<div class="line"><a name="l00131"></a><span class="lineno">  131</span>&#160;                                        &lt;input <span class="keyword">class</span>=<span class="stringliteral">&quot;inputText&quot;</span>  type=<span class="stringliteral">&quot;password&quot;</span> name=<span class="stringliteral">&quot;password&quot;</span>/&gt;&lt;br/&gt;</div>
<div class="line"><a name="l00132"></a><span class="lineno">  132</span>&#160;                                        &lt;input <span class="keyword">class</span>=<span class="stringliteral">&quot;inputButton&quot;</span>  type=<span class="stringliteral">&quot;submit&quot;</span> value=<span class="stringliteral">&quot;{{Log in}}&quot;</span>/&gt;&lt;br/&gt;</div>
<div class="line"><a name="l00133"></a><span class="lineno">  133</span>&#160;                                        &lt;a href=<span class="stringliteral">&quot;register&quot;</span>&gt;{{create account}}&lt;/a&gt;&lt;br/&gt;</div>
<div class="line"><a name="l00134"></a><span class="lineno">  134</span>&#160;                                        &lt;a href=<span class="stringliteral">&quot;passwordReset&quot;</span>&gt;{{forgot password?}}&lt;/a&gt;</div>
<div class="line"><a name="l00135"></a><span class="lineno">  135</span>&#160;                        &lt;/form&gt;</div>
<div class="line"><a name="l00136"></a><span class="lineno">  136</span>&#160;                &lt;/div&gt;</div>
<div class="line"><a name="l00137"></a><span class="lineno">  137</span>&#160;        &lt;?php</div>
<div class="line"><a name="l00138"></a><span class="lineno">  138</span>&#160;        $PAGE-&gt;menu .= $template-&gt;finish(<span class="keyword">true</span>);</div>
<div class="line"><a name="l00139"></a><span class="lineno">  139</span>&#160;}</div>
<div class="line"><a name="l00140"></a><span class="lineno">  140</span>&#160;</div>
<div class="line"><a name="l00146"></a><span class="lineno"><a class="code" href="user_8php.html#a1852b4f325631a9219f9dd0a0666d57d">  146</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a1852b4f325631a9219f9dd0a0666d57d">addUserMenuBox</a>()</div>
<div class="line"><a name="l00147"></a><span class="lineno">  147</span>&#160;{</div>
<div class="line"><a name="l00148"></a><span class="lineno">  148</span>&#160;        global $USER, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>, <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>;</div>
<div class="line"><a name="l00149"></a><span class="lineno">  149</span>&#160;</div>
<div class="line"><a name="l00150"></a><span class="lineno">  150</span>&#160;        $items = <a class="code" href="utils_8php.html#ae70693a7d9a8484219fe57bdf2d2a46f">parseTable</a>(<span class="stringliteral">&#39;</span></div>
<div class="line"><a name="l00151"></a><span class="lineno">  151</span>&#160;<span class="stringliteral">                ACTION               =&gt; tTITLE;            ICON;</span></div>
<div class="line"><a name="l00152"></a><span class="lineno">  152</span>&#160;<span class="stringliteral">                editProfile          =&gt; profile;           user-green.png;</span></div>
<div class="line"><a name="l00153"></a><span class="lineno">  153</span>&#160;<span class="stringliteral">                editMotivationLetter =&gt; motivation letter; qual.png;</span></div>
<div class="line"><a name="l00154"></a><span class="lineno">  154</span>&#160;<span class="stringliteral">                editAdditionalInfo   =&gt; additional info;   page-white-edit.png;</span></div>
<div class="line"><a name="l00155"></a><span class="lineno">  155</span>&#160;<span class="stringliteral">        &#39;</span>);</div>
<div class="line"><a name="l00156"></a><span class="lineno">  156</span>&#160;        $items[<span class="stringliteral">&#39;editProfile&#39;</span>][<span class="stringliteral">&#39;perm&#39;</span>] = <a class="code" href="user_2utils_8php.html#a1e9c8ed2c5ed2def1a367c9ffd04114b">userCan</a>(<span class="stringliteral">&#39;editProfile&#39;</span>, $USER[<span class="stringliteral">&#39;uid&#39;</span>]);</div>
<div class="line"><a name="l00157"></a><span class="lineno">  157</span>&#160;</div>
<div class="line"><a name="l00158"></a><span class="lineno">  158</span>&#160;        $custom = <span class="stringliteral">&#39;&#39;</span>;</div>
<div class="line"><a name="l00159"></a><span class="lineno">  159</span>&#160;        <span class="keywordflow">if</span> (isset($USER[<span class="stringliteral">&#39;impersonatedBy&#39;</span>]))</div>
<div class="line"><a name="l00160"></a><span class="lineno">  160</span>&#160;        {</div>
<div class="line"><a name="l00161"></a><span class="lineno">  161</span>&#160;                $custom .= <a class="code" href="user_2utils_8php.html#a7144fa5a413ad5690425b7b720aeedba">genderize</a>(_(<span class="stringliteral">&#39;You are now logged in as another person.&#39;</span>), $DB-&gt;users[$USER[<span class="stringliteral">&#39;impersonatedBy&#39;</span>]]-&gt;get(<span class="stringliteral">&#39;gender&#39;</span>));</div>
<div class="line"><a name="l00162"></a><span class="lineno">  162</span>&#160;                $custom .= <span class="stringliteral">&#39; &lt;a href=&quot;..&quot;&gt;[&#39;</span>. _(<span class="stringliteral">&#39;return&#39;</span>) .<span class="stringliteral">&#39;]&lt;/a&gt;&#39;</span>;</div>
<div class="line"><a name="l00163"></a><span class="lineno">  163</span>&#160;        }</div>
<div class="line"><a name="l00164"></a><span class="lineno">  164</span>&#160;</div>
<div class="line"><a name="l00165"></a><span class="lineno">  165</span>&#160;        $logout = <a class="code" href="template_8php.html#a4fbd311bbd72b7beba6f27fe63b0acb1">getIcon</a>(<span class="stringliteral">&#39;poweroff.png&#39;</span>);</div>
<div class="line"><a name="l00166"></a><span class="lineno">  166</span>&#160;        $logout = <span class="stringliteral">&#39;&lt;a class=&quot;right&quot; href=&quot;logout&quot; &#39;</span>. <a class="code" href="template_8php.html#a9b9585537fe5238d4d5b54478251ccfa">getTipJS</a>(_(<span class="stringliteral">&#39;Log out&#39;</span>)) .<span class="charliteral">&#39;&gt;&#39;</span>. $logout .<span class="stringliteral">&#39;&lt;/a&gt;&#39;</span>;</div>
<div class="line"><a name="l00167"></a><span class="lineno">  167</span>&#160;        $PAGE-&gt;addMenuBox($USER[<span class="stringliteral">&#39;name&#39;</span>] .<span class="stringliteral">&#39;&amp;nbsp;&#39;</span>, $items, $custom . $logout);</div>
<div class="line"><a name="l00168"></a><span class="lineno">  168</span>&#160;}</div>
<div class="line"><a name="l00169"></a><span class="lineno">  169</span>&#160;</div>
<div class="line"><a name="l00173"></a><span class="lineno"><a class="code" href="user_8php.html#a0291c7f14febf44303b20f1ac75a2355">  173</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a0291c7f14febf44303b20f1ac75a2355">actionRegister</a>()</div>
<div class="line"><a name="l00174"></a><span class="lineno">  174</span>&#160;{</div>
<div class="line"><a name="l00175"></a><span class="lineno">  175</span>&#160;        global <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>;</div>
<div class="line"><a name="l00176"></a><span class="lineno">  176</span>&#160;        $PAGE-&gt;title = _(<span class="stringliteral">&#39;Create your account&#39;</span>);</div>
<div class="line"><a name="l00177"></a><span class="lineno">  177</span>&#160;        $form = <span class="keyword">new</span> <a class="code" href="classForm.html">Form</a>(<a class="code" href="utils_8php.html#ae70693a7d9a8484219fe57bdf2d2a46f">parseTable</a>(<span class="stringliteral">&#39;</span></div>
<div class="line"><a name="l00178"></a><span class="lineno">  178</span>&#160;<span class="stringliteral">                NAME            =&gt; TYPE;     tDESCRIPTION;    VALIDATION;</span></div>
<div class="line"><a name="l00179"></a><span class="lineno">  179</span>&#160;<span class="stringliteral">                login           =&gt; text;     username;        charset(name digit),length(4 20);</span></div>
<div class="line"><a name="l00180"></a><span class="lineno">  180</span>&#160;<span class="stringliteral">                password        =&gt; password; password;        length(8 100);</span></div>
<div class="line"><a name="l00181"></a><span class="lineno">  181</span>&#160;<span class="stringliteral">                password_repeat =&gt; password; retype password; equal(password);</span></div>
<div class="line"><a name="l00182"></a><span class="lineno">  182</span>&#160;<span class="stringliteral">                name            =&gt; text;     full name;       charset(name),length(4 60);</span></div>
<div class="line"><a name="l00183"></a><span class="lineno">  183</span>&#160;<span class="stringliteral">                email           =&gt; text;     e-mail;          email;</span></div>
<div class="line"><a name="l00184"></a><span class="lineno">  184</span>&#160;<span class="stringliteral">        &#39;</span>));</div>
<div class="line"><a name="l00185"></a><span class="lineno">  185</span>&#160;        $form-&gt;custom = _(<span class="stringliteral">&#39;All fields are required. &#39;</span>.</div>
<div class="line"><a name="l00186"></a><span class="lineno">  186</span>&#160;                <span class="stringliteral">&#39;Your e-mail will only be visible to signed-in users.&lt;br/&gt;&#39;</span>.</div>
<div class="line"><a name="l00187"></a><span class="lineno">  187</span>&#160;                <span class="stringliteral">&#39;One account should correspond to one person &#39;</span>.</div>
<div class="line"><a name="l00188"></a><span class="lineno">  188</span>&#160;                <span class="stringliteral">&#39;(e.g. don\&#39;t create an account for another lecturer).&lt;br/&gt;&#39;</span>);</div>
<div class="line"><a name="l00189"></a><span class="lineno">  189</span>&#160;</div>
<div class="line"><a name="l00190"></a><span class="lineno">  190</span>&#160;        <span class="keywordflow">if</span> (!$form-&gt;submitted())</div>
<div class="line"><a name="l00191"></a><span class="lineno">  191</span>&#160;                <span class="keywordflow">return</span> print $form-&gt;getHTML();</div>
<div class="line"><a name="l00192"></a><span class="lineno">  192</span>&#160;</div>
<div class="line"><a name="l00193"></a><span class="lineno">  193</span>&#160;        $values = $form-&gt;fetchAndValidateValues();</div>
<div class="line"><a name="l00194"></a><span class="lineno">  194</span>&#160;        $DB-&gt;query(<span class="stringliteral">&#39;SELECT COUNT(*) FROM table_users WHERE login=$1&#39;</span>, $values[<span class="stringliteral">&#39;login&#39;</span>]);</div>
<div class="line"><a name="l00195"></a><span class="lineno">  195</span>&#160;        $form-&gt;assert($DB-&gt;fetch_int() === 0, _(<span class="stringliteral">&#39;This login is already taken.&#39;</span>));</div>
<div class="line"><a name="l00196"></a><span class="lineno">  196</span>&#160;        $DB-&gt;query(<span class="stringliteral">&#39;SELECT COUNT(*) FROM table_users WHERE email=$1&#39;</span>, $_POST[<span class="stringliteral">&#39;email&#39;</span>]);</div>
<div class="line"><a name="l00197"></a><span class="lineno">  197</span>&#160;        $form-&gt;assert($DB-&gt;fetch_int() === 0, _(<span class="stringliteral">&#39;This email address is already registered. &#39;</span>.</div>
<div class="line"><a name="l00198"></a><span class="lineno">  198</span>&#160;                <span class="stringliteral">&#39;If you didn\&#39;t receive an email with confirmation, check your spam or&#39;</span>).</div>
<div class="line"><a name="l00199"></a><span class="lineno">  199</span>&#160;                <span class="stringliteral">&#39; &lt;a href=&quot;reportBug&quot;&gt;&#39;</span>. _(<span class="stringliteral">&#39;report a bug&#39;</span>) .<span class="stringliteral">&#39;&lt;/a&gt;.&#39;</span>);</div>
<div class="line"><a name="l00200"></a><span class="lineno">  200</span>&#160;        <span class="keywordflow">if</span> (!$form-&gt;valid)</div>
<div class="line"><a name="l00201"></a><span class="lineno">  201</span>&#160;                <span class="keywordflow">return</span> print $form-&gt;getHTML();</div>
<div class="line"><a name="l00202"></a><span class="lineno">  202</span>&#160;</div>
<div class="line"><a name="l00203"></a><span class="lineno">  203</span>&#160;        $confirmKey = rand(100000,999999);</div>
<div class="line"><a name="l00204"></a><span class="lineno">  204</span>&#160;</div>
<div class="line"><a name="l00205"></a><span class="lineno">  205</span>&#160;        $DB-&gt;users[]= array(</div>
<div class="line"><a name="l00206"></a><span class="lineno">  206</span>&#160;                <span class="stringliteral">&#39;login&#39;</span> =&gt; $values[<span class="stringliteral">&#39;login&#39;</span>],</div>
<div class="line"><a name="l00207"></a><span class="lineno">  207</span>&#160;                <span class="stringliteral">&#39;password&#39;</span> =&gt; <a class="code" href="password_8php.html#a26fb1747283617276edce7e87b038e96">createPasswordHash</a>($values[<span class="stringliteral">&#39;password&#39;</span>]),</div>
<div class="line"><a name="l00208"></a><span class="lineno">  208</span>&#160;                <span class="stringliteral">&#39;name&#39;</span> =&gt; $values[<span class="stringliteral">&#39;name&#39;</span>],</div>
<div class="line"><a name="l00209"></a><span class="lineno">  209</span>&#160;                <span class="stringliteral">&#39;email&#39;</span> =&gt; $values[<span class="stringliteral">&#39;email&#39;</span>],</div>
<div class="line"><a name="l00210"></a><span class="lineno">  210</span>&#160;                <span class="stringliteral">&#39;confirm&#39;</span> =&gt; $confirmKey,</div>
<div class="line"><a name="l00211"></a><span class="lineno">  211</span>&#160;                <span class="stringliteral">&#39;registered&#39;</span> =&gt; time(),</div>
<div class="line"><a name="l00212"></a><span class="lineno">  212</span>&#160;                <span class="stringliteral">&#39;logged&#39;</span> =&gt; 0</div>
<div class="line"><a name="l00213"></a><span class="lineno">  213</span>&#160;        );</div>
<div class="line"><a name="l00214"></a><span class="lineno">  214</span>&#160;        $uid = $DB-&gt;users-&gt;lastValue();</div>
<div class="line"><a name="l00215"></a><span class="lineno">  215</span>&#160;</div>
<div class="line"><a name="l00216"></a><span class="lineno">  216</span>&#160;        <span class="comment">// ordername of &#39;Tom Marvolo Riddle&#39; is &#39;Riddle Tom Marvolo 666&#39;.</span></div>
<div class="line"><a name="l00217"></a><span class="lineno">  217</span>&#160;        $nameParts = explode(<span class="charliteral">&#39; &#39;</span>, $values[<span class="stringliteral">&#39;name&#39;</span>]);</div>
<div class="line"><a name="l00218"></a><span class="lineno">  218</span>&#160;        array_unshift($nameParts, array_pop($nameParts));</div>
<div class="line"><a name="l00219"></a><span class="lineno">  219</span>&#160;        $nameParts[]= $uid;</div>
<div class="line"><a name="l00220"></a><span class="lineno">  220</span>&#160;        $DB-&gt;users[$uid]-&gt;update(array(<span class="stringliteral">&#39;ordername&#39;</span> =&gt; implode(<span class="charliteral">&#39; &#39;</span>, $nameParts)));</div>
<div class="line"><a name="l00221"></a><span class="lineno">  221</span>&#160;</div>
<div class="line"><a name="l00222"></a><span class="lineno">  222</span>&#160;        $link = <span class="stringliteral">&#39;http://&#39;</span>. $_SERVER[<span class="stringliteral">&#39;HTTP_HOST&#39;</span>] . <a class="code" href="config_8php_8template.html#a2344febf266e5f02233a920c7961b0f1">ABSOLUTE_PATH_PREFIX</a> .<span class="stringliteral">&quot;registerConfirm%28$confirmKey%29&quot;</span>;</div>
<div class="line"><a name="l00223"></a><span class="lineno">  223</span>&#160;        $mail = sprintf(_(<span class="stringliteral">&#39;A new user account has been created on %s using this e-mail address.\n&#39;</span>.</div>
<div class="line"><a name="l00224"></a><span class="lineno">  224</span>&#160;                <span class="stringliteral">&#39;To confirm your registration, open the following link:\n%s\n\n&#39;</span>.</div>
<div class="line"><a name="l00225"></a><span class="lineno">  225</span>&#160;                <span class="stringliteral">&#39;(If you didn\&#39;t sign up, just ignore this email.)\n&#39;</span>),</div>
<div class="line"><a name="l00226"></a><span class="lineno">  226</span>&#160;                        $_SERVER[<span class="stringliteral">&#39;HTTP_HOST&#39;</span>], $link);</div>
<div class="line"><a name="l00227"></a><span class="lineno">  227</span>&#160;        $mail = str_replace(<span class="charliteral">&#39;\n&#39;</span>, <span class="stringliteral">&quot;\n&quot;</span>, $mail);</div>
<div class="line"><a name="l00228"></a><span class="lineno">  228</span>&#160;        <a class="code" href="email_8php.html#a4d9b10638d7c2d561789ed42890fba01">sendMail</a>(_(<span class="stringliteral">&#39;New user account&#39;</span>), $mail, array(array($values[<span class="stringliteral">&#39;name&#39;</span>],$values[<span class="stringliteral">&#39;email&#39;</span>])));</div>
<div class="line"><a name="l00229"></a><span class="lineno">  229</span>&#160;        $PAGE-&gt;headerTitle = <span class="stringliteral">&#39;&#39;</span>;</div>
<div class="line"><a name="l00230"></a><span class="lineno">  230</span>&#160;        $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Your account has been successfully created. &#39;</span>.</div>
<div class="line"><a name="l00231"></a><span class="lineno">  231</span>&#160;                <span class="stringliteral">&#39;Now, click the link you received in an e-mail to confirm.&lt;br/&gt;&#39;</span>.</div>
<div class="line"><a name="l00232"></a><span class="lineno">  232</span>&#160;                <span class="stringliteral">&#39;(If not, wait 15 minutes and check your spam.)&#39;</span>), <span class="stringliteral">&#39;success&#39;</span>);</div>
<div class="line"><a name="l00233"></a><span class="lineno">  233</span>&#160;}</div>
<div class="line"><a name="l00234"></a><span class="lineno">  234</span>&#160;</div>
<div class="line"><a name="l00239"></a><span class="lineno"><a class="code" href="user_8php.html#ad9eea6d1c399b77466d9d7a11fd0be29">  239</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#ad9eea6d1c399b77466d9d7a11fd0be29">actionRegisterConfirm</a>($confirmkey = null)</div>
<div class="line"><a name="l00240"></a><span class="lineno">  240</span>&#160;{</div>
<div class="line"><a name="l00241"></a><span class="lineno">  241</span>&#160;        global <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>, $USER;</div>
<div class="line"><a name="l00242"></a><span class="lineno">  242</span>&#160;        <span class="keywordflow">if</span> (!is_numeric($confirmkey) || $confirmkey&lt;2)</div>
<div class="line"><a name="l00243"></a><span class="lineno">  243</span>&#160;                <span class="keywordflow">return</span> $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;The link you opened doesn\&#39;t contain the confirmation number. &#39;</span>.</div>
<div class="line"><a name="l00244"></a><span class="lineno">  244</span>&#160;                <span class="stringliteral">&#39;Please copy the whole link from the e-mail you received.&#39;</span>), <span class="stringliteral">&#39;userError&#39;</span>);</div>
<div class="line"><a name="l00245"></a><span class="lineno">  245</span>&#160;        $uid = $DB-&gt;query(<span class="stringliteral">&#39;SELECT uid FROM table_users WHERE confirm=$1&#39;</span>, intval($confirmkey));</div>
<div class="line"><a name="l00246"></a><span class="lineno">  246</span>&#160;        <span class="keywordflow">if</span> (count($uid) != 1)</div>
<div class="line"><a name="l00247"></a><span class="lineno">  247</span>&#160;                <span class="keywordflow">return</span> $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Invalid confirmation number.&#39;</span>), <span class="stringliteral">&#39;userError&#39;</span>);</div>
<div class="line"><a name="l00248"></a><span class="lineno">  248</span>&#160;        $uid = $uid-&gt;fetch();</div>
<div class="line"><a name="l00249"></a><span class="lineno">  249</span>&#160;        <span class="keywordflow">if</span> (!is_numeric($uid))</div>
<div class="line"><a name="l00250"></a><span class="lineno">  250</span>&#160;                <span class="keywordflow">return</span> $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Invalid confirmation number.&#39;</span>), <span class="stringliteral">&#39;userError&#39;</span>);</div>
<div class="line"><a name="l00251"></a><span class="lineno">  251</span>&#160;        $DB-&gt;users[$uid]-&gt;update(array(<span class="stringliteral">&#39;logged&#39;</span> =&gt; time(), <span class="stringliteral">&#39;confirm&#39;</span> =&gt; 0));</div>
<div class="line"><a name="l00252"></a><span class="lineno">  252</span>&#160;        $_SESSION[<span class="stringliteral">&#39;user_id&#39;</span>] = $uid;</div>
<div class="line"><a name="l00253"></a><span class="lineno">  253</span>&#160;        $USER = <a class="code" href="user_8php.html#a5fa3ca13e5c8bc79a08d3fc4972f7a95">getUser</a>($uid);</div>
<div class="line"><a name="l00254"></a><span class="lineno">  254</span>&#160;        <a class="code" href="log_8php.html#a5eaecfade7f5e117c98d7635b2aba95f">logUser</a>(<span class="stringliteral">&#39;user register&#39;</span>);</div>
<div class="line"><a name="l00255"></a><span class="lineno">  255</span>&#160;        $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Welcome! Now tell us something about yourself.&#39;</span>), <span class="stringliteral">&#39;instruction&#39;</span>);</div>
<div class="line"><a name="l00256"></a><span class="lineno">  256</span>&#160;        <a class="code" href="index_8php.html#a6e8525da6dad002542958c13132118e4">callAction</a>(<span class="stringliteral">&#39;editProfile&#39;</span>);</div>
<div class="line"><a name="l00257"></a><span class="lineno">  257</span>&#160;}</div>
<div class="line"><a name="l00258"></a><span class="lineno">  258</span>&#160;</div>
<div class="line"><a name="l00262"></a><span class="lineno"><a class="code" href="user_8php.html#a51344ba29fa1eb86c30921c618aeaf9f">  262</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a51344ba29fa1eb86c30921c618aeaf9f">actionChangePassword</a>()</div>
<div class="line"><a name="l00263"></a><span class="lineno">  263</span>&#160;{</div>
<div class="line"><a name="l00264"></a><span class="lineno">  264</span>&#160;        global $USER, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>, <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>;</div>
<div class="line"><a name="l00265"></a><span class="lineno">  265</span>&#160;        <span class="keywordflow">if</span> (!<a class="code" href="user_2utils_8php.html#ae6297fbd3e8fa7cc5feb6411a80deee9">userIs</a>(<span class="stringliteral">&#39;registered&#39;</span>))  <span class="keywordflow">throw</span> <span class="keyword">new</span> <a class="code" href="classPolicyException.html">PolicyException</a>();</div>
<div class="line"><a name="l00266"></a><span class="lineno">  266</span>&#160;        $PAGE-&gt;title = _(<span class="stringliteral">&#39;Password change&#39;</span>);</div>
<div class="line"><a name="l00267"></a><span class="lineno">  267</span>&#160;        $form = <span class="keyword">new</span> <a class="code" href="classForm.html">Form</a>(<a class="code" href="utils_8php.html#ae70693a7d9a8484219fe57bdf2d2a46f">parseTable</a>(<span class="stringliteral">&#39;</span></div>
<div class="line"><a name="l00268"></a><span class="lineno">  268</span>&#160;<span class="stringliteral">                NAME                =&gt; TYPE;     tDESCRIPTION;    VALIDATION;</span></div>
<div class="line"><a name="l00269"></a><span class="lineno">  269</span>&#160;<span class="stringliteral">                oldpassword         =&gt; password; old password;    ;</span></div>
<div class="line"><a name="l00270"></a><span class="lineno">  270</span>&#160;<span class="stringliteral">                newpassword         =&gt; password; new password;    length(3 200);</span></div>
<div class="line"><a name="l00271"></a><span class="lineno">  271</span>&#160;<span class="stringliteral">                newpassword_repeat  =&gt; password; type new password again; equal(newpassword);</span></div>
<div class="line"><a name="l00272"></a><span class="lineno">  272</span>&#160;<span class="stringliteral">        &#39;</span>));</div>
<div class="line"><a name="l00273"></a><span class="lineno">  273</span>&#160;</div>
<div class="line"><a name="l00274"></a><span class="lineno">  274</span>&#160;        <span class="keywordflow">if</span> (!$form-&gt;submitted())</div>
<div class="line"><a name="l00275"></a><span class="lineno">  275</span>&#160;                <span class="keywordflow">return</span> print $form-&gt;getHTML();</div>
<div class="line"><a name="l00276"></a><span class="lineno">  276</span>&#160;</div>
<div class="line"><a name="l00277"></a><span class="lineno">  277</span>&#160;        $values = $form-&gt;fetchAndValidateValues();</div>
<div class="line"><a name="l00278"></a><span class="lineno">  278</span>&#160;        $hash = $DB-&gt;users[$USER[<span class="stringliteral">&#39;uid&#39;</span>]]-&gt;get(<span class="stringliteral">&#39;password&#39;</span>);</div>
<div class="line"><a name="l00279"></a><span class="lineno">  279</span>&#160;        $form-&gt;assert(<a class="code" href="password_8php.html#a704bd23035a2de307a0e3d9d8f43c992">validatePassword</a>($values[<span class="stringliteral">&#39;oldpassword&#39;</span>], $hash), _(<span class="stringliteral">&#39;Old password doesn\&#39;t match.&#39;</span>));</div>
<div class="line"><a name="l00280"></a><span class="lineno">  280</span>&#160;        <span class="keywordflow">if</span> (!$form-&gt;valid)</div>
<div class="line"><a name="l00281"></a><span class="lineno">  281</span>&#160;                <span class="keywordflow">return</span> print $form-&gt;getHTML();</div>
<div class="line"><a name="l00282"></a><span class="lineno">  282</span>&#160;</div>
<div class="line"><a name="l00283"></a><span class="lineno">  283</span>&#160;        $DB-&gt;users[$USER[<span class="stringliteral">&#39;uid&#39;</span>]]-&gt;update(array(<span class="stringliteral">&#39;password&#39;</span> =&gt; <a class="code" href="password_8php.html#a26fb1747283617276edce7e87b038e96">createPasswordHash</a>($values[<span class="stringliteral">&#39;newpassword&#39;</span>])));</div>
<div class="line"><a name="l00284"></a><span class="lineno">  284</span>&#160;        $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;Password succesfully changed.&#39;</span>), <span class="stringliteral">&#39;success&#39;</span>);</div>
<div class="line"><a name="l00285"></a><span class="lineno">  285</span>&#160;        <a class="code" href="log_8php.html#a5eaecfade7f5e117c98d7635b2aba95f">logUser</a>(<span class="stringliteral">&#39;user pass change&#39;</span>);</div>
<div class="line"><a name="l00286"></a><span class="lineno">  286</span>&#160;        <a class="code" href="index_8php.html#a6e8525da6dad002542958c13132118e4">callAction</a>(<span class="stringliteral">&#39;editProfile&#39;</span>);</div>
<div class="line"><a name="l00287"></a><span class="lineno">  287</span>&#160;}</div>
<div class="line"><a name="l00288"></a><span class="lineno">  288</span>&#160;</div>
<div class="line"><a name="l00293"></a><span class="lineno"><a class="code" href="user_8php.html#a665de318be97f09d540caa1eb8b4a2dd">  293</a></span>&#160;<span class="keyword">function</span> <a class="code" href="user_8php.html#a665de318be97f09d540caa1eb8b4a2dd">actionPasswordReset</a>()</div>
<div class="line"><a name="l00294"></a><span class="lineno">  294</span>&#160;{</div>
<div class="line"><a name="l00295"></a><span class="lineno">  295</span>&#160;        global $USER, <a class="code" href="index_8php.html#ae1848ae8dc4014bc7c680e5504a8eef0">$PAGE</a>, <a class="code" href="common_8php.html#a7dc56dc8b18ad37272b56fa7395bedef">$DB</a>;</div>
<div class="line"><a name="l00296"></a><span class="lineno">  296</span>&#160;        $PAGE-&gt;title = _(<span class="stringliteral">&#39;Password reset&#39;</span>);</div>
<div class="line"><a name="l00297"></a><span class="lineno">  297</span>&#160;        echo _(<span class="stringliteral">&#39;Type your username or e-mail address. You\&#39;ll recevie a message with a new password.&#39;</span>);</div>
<div class="line"><a name="l00298"></a><span class="lineno">  298</span>&#160;        $form = <span class="keyword">new</span> <a class="code" href="classForm.html">Form</a>(<a class="code" href="utils_8php.html#ae70693a7d9a8484219fe57bdf2d2a46f">parseTable</a>(<span class="stringliteral">&#39;</span></div>
<div class="line"><a name="l00299"></a><span class="lineno">  299</span>&#160;<span class="stringliteral">                NAME   =&gt; TYPE; tDESCRIPTION; VALIDATION;</span></div>
<div class="line"><a name="l00300"></a><span class="lineno">  300</span>&#160;<span class="stringliteral">                login  =&gt; text; username;     charset(name digit);</span></div>
<div class="line"><a name="l00301"></a><span class="lineno">  301</span>&#160;<span class="stringliteral">                email  =&gt; text; e-mail;       ;</span></div>
<div class="line"><a name="l00302"></a><span class="lineno">  302</span>&#160;<span class="stringliteral">        &#39;</span>));</div>
<div class="line"><a name="l00303"></a><span class="lineno">  303</span>&#160;</div>
<div class="line"><a name="l00304"></a><span class="lineno">  304</span>&#160;        <span class="keywordflow">if</span> (!$form-&gt;submitted())</div>
<div class="line"><a name="l00305"></a><span class="lineno">  305</span>&#160;                <span class="keywordflow">return</span> print $form-&gt;getHTML();</div>
<div class="line"><a name="l00306"></a><span class="lineno">  306</span>&#160;</div>
<div class="line"><a name="l00307"></a><span class="lineno">  307</span>&#160;        $values = $form-&gt;fetchAndValidateValues();</div>
<div class="line"><a name="l00308"></a><span class="lineno">  308</span>&#160;        $r = $DB-&gt;query(<span class="stringliteral">&#39;SELECT uid,email,login FROM table_users WHERE login=$1 OR email=$2&#39;</span>,</div>
<div class="line"><a name="l00309"></a><span class="lineno">  309</span>&#160;                $values[<span class="stringliteral">&#39;login&#39;</span>], $values[<span class="stringliteral">&#39;email&#39;</span>]);</div>
<div class="line"><a name="l00310"></a><span class="lineno">  310</span>&#160;</div>
<div class="line"><a name="l00311"></a><span class="lineno">  311</span>&#160;        $form-&gt;assert(count($r), _(<span class="stringliteral">&#39;No account found with such login/e-mail.&#39;</span>));</div>
<div class="line"><a name="l00312"></a><span class="lineno">  312</span>&#160;        <span class="keywordflow">if</span> (!$form-&gt;valid)</div>
<div class="line"><a name="l00313"></a><span class="lineno">  313</span>&#160;                <span class="keywordflow">return</span> print $form-&gt;getHTML();</div>
<div class="line"><a name="l00314"></a><span class="lineno">  314</span>&#160;</div>
<div class="line"><a name="l00315"></a><span class="lineno">  315</span>&#160;        list($uid, $address, $login) = $r-&gt;fetch_vector();</div>
<div class="line"><a name="l00316"></a><span class="lineno">  316</span>&#160;        <a class="code" href="log_8php.html#a5eaecfade7f5e117c98d7635b2aba95f">logUser</a>(<span class="stringliteral">&#39;pass reset&#39;</span>, $uid);</div>
<div class="line"><a name="l00317"></a><span class="lineno">  317</span>&#160;        $passwordLength = 20;</div>
<div class="line"><a name="l00318"></a><span class="lineno">  318</span>&#160;        $password = <a class="code" href="password_8php.html#a08675900fee9288af241a35114c99296">generateRandomPassword</a>($passwordLength);</div>
<div class="line"><a name="l00319"></a><span class="lineno">  319</span>&#160;</div>
<div class="line"><a name="l00320"></a><span class="lineno">  320</span>&#160;        $message = sprintf(_(</div>
<div class="line"><a name="l00321"></a><span class="lineno">  321</span>&#160;                        <span class="stringliteral">&#39;Your password at %s has been reset.\n&#39;</span>.</div>
<div class="line"><a name="l00322"></a><span class="lineno">  322</span>&#160;                        <span class="stringliteral">&#39;username: %s\ne-mail:  %s\npassword: %s\n&#39;</span>.</div>
<div class="line"><a name="l00323"></a><span class="lineno">  323</span>&#160;                        <span class="stringliteral">&#39;(the password has %d hex characters)\n\n&#39;</span>.</div>
<div class="line"><a name="l00324"></a><span class="lineno">  324</span>&#160;                        <span class="stringliteral">&#39;If you don\&#39;t know what this is about, report abuse:\n%s\n&#39;</span></div>
<div class="line"><a name="l00325"></a><span class="lineno">  325</span>&#160;                ),</div>
<div class="line"><a name="l00326"></a><span class="lineno">  326</span>&#160;                <span class="stringliteral">&#39;http://&#39;</span>. $_SERVER[<span class="stringliteral">&#39;HTTP_HOST&#39;</span>] . <a class="code" href="config_8php_8template.html#a2344febf266e5f02233a920c7961b0f1">ABSOLUTE_PATH_PREFIX</a>,</div>
<div class="line"><a name="l00327"></a><span class="lineno">  327</span>&#160;                $login, $address, $password, $passwordLength,</div>
<div class="line"><a name="l00328"></a><span class="lineno">  328</span>&#160;                <span class="stringliteral">&#39;http://&#39;</span>. $_SERVER[<span class="stringliteral">&#39;HTTP_HOST&#39;</span>] . ABSOLUTE_PATH_PREFIX .<span class="stringliteral">&#39;reportBug\n&#39;</span></div>
<div class="line"><a name="l00329"></a><span class="lineno">  329</span>&#160;        );</div>
<div class="line"><a name="l00330"></a><span class="lineno">  330</span>&#160;        $message = str_replace(<span class="charliteral">&#39;\n&#39;</span>, <span class="stringliteral">&quot;\n&quot;</span>, $message);</div>
<div class="line"><a name="l00331"></a><span class="lineno">  331</span>&#160;        <a class="code" href="email_8php.html#a4d9b10638d7c2d561789ed42890fba01">sendMail</a>(_(<span class="stringliteral">&#39;New password&#39;</span>), $message, $address);</div>
<div class="line"><a name="l00332"></a><span class="lineno">  332</span>&#160;        $DB-&gt;users[$uid]-&gt;update(array(<span class="stringliteral">&#39;password&#39;</span> =&gt; <a class="code" href="password_8php.html#a26fb1747283617276edce7e87b038e96">createPasswordHash</a>($password)));</div>
<div class="line"><a name="l00333"></a><span class="lineno">  333</span>&#160;        $PAGE-&gt;addMessage(_(<span class="stringliteral">&#39;An e-mail message with the new password has been sent.&#39;</span>), <span class="stringliteral">&#39;success&#39;</span>);</div>
<div class="line"><a name="l00334"></a><span class="lineno">  334</span>&#160;}</div>
</div><!-- fragment --></div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated on Sun Sep 8 2013 17:44:57 for wwwApp by &#160;<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/>
</a> 1.8.1.1
</small></address>
</body>
</html>
